AWS Security group (SG)
Security groups are stateful firewalls
- Default security group
AWS CLI
aws ec2 create-security-group
aws ec2 describe-security-groups
aws rds describe-db-security-groups
aws ec2 delete-security-group
aws ec2 authorize-security-group-ingress
aws ec2 authorize-security-group-egress
aws ec2 describe-instance-attribute --instance-id i-00b1cf99a8xxx --attribute groupSet
aws ec2 describe-instances | grep -E "GroupName|GroupId"
Load balancers
- Security groups for your Application Load Balancer (ALB)
- Security groups for your Network Load Balancer (NLB) (do not have)
Activities
- Read: https://aws.amazon.com/premiumsupport/knowledge-center/troubleshoot-delete-vpc-sg/
- Read: Update your security groups to reference peer security groups
Best practices
- Authorize only specific IAM principals to create and modify security groups
Related
- CidrIp
cidr_blocks
- Network ACL
aws_security_group, aws_network_interface_sg_attachment
aws rds create-db-security-group
See also
- Terraform Security Group:
aws_security_group, aws_security_group_rule, aws_network_interface_sg_attachment
- AWS Security group (SG):
aws ec2 [ create-security-group | describe-security-groups | delete-security-group | authorize-security-group-ingress | authorize-security-group-egress ]
- Security Group, DBSecurityGroup, aws_security_group, aws_security_group_rule, VpcSecurityGroupId, AWS::EC2::SecurityGroup, Security groups for Pods in EKS